Aguardic logoAguardic/Docs

Search documentation

Search all documentation pages

Get Started

Network Policies

Share compliance policies across organizations with auto-syncing shadow policies and vendor governance.

Overview

Network Policies let you share compliance policies between organizations. When you share a policy with a partner, vendor, or subsidiary, they receive a read-only shadow copy that stays in sync with your source policy — automatically or with approval.

This enables scenarios like:

  • Vendor compliance — Share your security policies with vendors and monitor their adherence
  • Partner governance — Distribute compliance standards across partner organizations
  • Multi-org alignment — Keep subsidiaries or divisions aligned with central policies
  • Regulatory distribution — Publish updated regulations and have all subscribers auto-sync

Key Concepts

Network Connections

A network connection is a bilateral relationship between two organizations. One org sends an invitation, the other accepts. Once active, policies can flow between them.

Connection statuses:

  • INVITED — Invitation sent, waiting for the other org to accept
  • ACTIVE — Both orgs confirmed, policies can be shared
  • REVOKED — Disconnected by either side

Shadow Policies

When you share a policy, the receiving organization gets a shadow policy — a read-only copy that they can bind to their own integrations for enforcement. They can use it but cannot edit it.

Auto-Sync

Each shared policy has an auto-sync setting:

  • Auto-sync on — When you update your policy, the shadow automatically updates in the partner org. No approval needed.
  • Auto-sync off — When you update, the partner is notified and must approve the update before their shadow syncs.

Setting Up a Connection

Sending an Invitation

  1. Navigate to Network in the dashboard
  2. Click Invite Organization
  3. Enter the email of a member at the target organization
  4. Add an optional label and note
  5. Click Send Invitation

The target org receives an email notification with details about your organization.

Accepting an Invitation

  1. Navigate to NetworkInvitations tab
  2. Review the incoming invitation (org name, sender, note)
  3. Click Accept to establish the connection (or Decline to reject)

Once accepted, the connection is ACTIVE and policies can be shared in either direction.

Sharing Policies

Share a Single Policy

  1. Open a policy detail page
  2. Click Share over Network
  3. Select which active connections to share with
  4. Choose auto-sync preference
  5. Click Share

The receiving org sees a pending policy share in their NetworkReceived tab.

Bulk Sharing

Share multiple policies at once:

  1. Go to NetworkShared Policies tab
  2. Click Share Policies
  3. Select the connection and up to 50 policies
  4. Click Share All

Receiving Shared Policies

  1. Navigate to NetworkReceived tab
  2. Review pending policy shares — you can see the full policy definition
  3. Click Accept to create the shadow policy in your org (or Decline)
  4. Once accepted, bind the shadow policy to your integrations for enforcement

Shadow policies appear in your regular Policies list with a network indicator. You can bind them to integrations just like your own policies — the only difference is they're read-only.

Handling Updates

When the source organization updates a shared policy:

With auto-sync enabled:

  • Your shadow policy updates automatically
  • Evaluations immediately use the new version
  • No action required on your end

With auto-sync disabled:

  • You see an "Update available" indicator in your received policies
  • Review the changes and click Accept Update or Decline Update
  • Your shadow stays on the old version until you accept

Revoking and Restoring

Revoking a Connection

Either organization can revoke a connection:

  • All policy shares on that connection are automatically revoked
  • Shadow policies in the receiving org are deactivated
  • Both orgs are notified

Restoring a Connection

Only the organization that revoked can restore it:

  • The connection returns to ACTIVE
  • Previously active policy shares are restored
  • Shadow policies reappear in the receiving org

Revoking a Single Policy Share

The source org can revoke individual policy shares without disconnecting:

  • The specific shadow policy is deactivated in the target org
  • Other shares on the same connection are unaffected

Use Cases

Vendor Compliance Monitoring

Share your security and data handling policies with vendors. When you update a requirement, all vendor orgs auto-sync the change — no manual re-distribution needed.

Partner Governance

Distribute industry-specific compliance policies (HIPAA, PCI-DSS, SOC 2) to partner organizations. Partners bind the shadow policies to their integrations for enforcement.

Multi-Entity Governance

For organizations with subsidiaries or regional divisions, publish central policies that auto-sync across all connected orgs. Each division enforces the same standards independently.

Next Steps

AI SystemsMarketplace